VM Detection Tricks, Part 1: Physical memory resource maps - Nettitude Labs
Tags
| attack-pattern: | Data Hardware - T1592.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 8a60a4c5-20ef-4219-826c-f16ad584f00c |
| Fingerprint | 4f185cf3f5091c88 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 20, 2021, 9 a.m. |
| Added to db | Jan. 18, 2023, 9:56 p.m. |
| Last updated | Nov. 18, 2024, 2:36 a.m. |
| Headline | VM Detection Tricks, Part 1: Physical memory resource maps |
| Title | VM Detection Tricks, Part 1: Physical memory resource maps - Nettitude Labs |
| Detected Hints/Tags/Attributes | 25/1/14 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 8 | cve-2018-1038 |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 10 | blog.xpnsec.com |
|
| Details | Domain | 221 | gist.github.com |
|
| Details | File | 24 | cl.exe |
|
| Details | File | 1 | vm_resource_check.exe |
|
| Details | File | 6 | key.key |
|
| Details | Github username | 6 | lordnoteworthy |
|
| Details | Github username | 3 | xpn |
|
| Details | md5 | 1 | 3792ec34d712425a5c47caf5677de5fe |
|
| Details | Url | 3 | https://github.com/lordnoteworthy/al-khaser |
|
| Details | Url | 1 | https://blog.xpnsec.com/total-meltdown-cve-2018-1038 |
|
| Details | Url | 1 | https://gist.github.com/xpn/3792ec34d712425a5c47caf5677de5fe |
|
| Details | Windows Registry Key | 1 | HKLM\Hardware\ResourceMap\System |